US Tries to Make it Easier to Wiretap the Internet

“Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is ‘going dark’ as people increasingly communicate online instead of by telephone. Essentially, officials want Congress to require all services that enable communications – including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct ‘peer to peer’ messaging like Skype – to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.” I could quote Benjamin Franklin again – but I’m starting to suspect that our politicians (this isn’t just a US thing, it happens all over the world) have no respect for the wise men and women who fought for the principles we are now trying to shove upon the rest of the world. How can the west push freedom and liberty around the world while at the same time taking them away at home?

Indeed; It’s disgusting. It reminds me of that propaganda poster where the US [personified] are on a machine, feeding a country above while consuming the land under their feet. Now of course a more passive-aggressive approach is taken .

All the little things add together, I myself am not a conspiracy theorist but the ever-growing control and influence of the US over the world is an observable fact. Even their wretched media and news channels are pushed into developing countries at very special rates (or free!) and the demand for it is strong.

We already know that certain agencies have control over a range of systems in most European countries; the sleeping world has passively watched a true invasion – we’re yet to witness the final payload though.

Once I read a book — forgot its title — where in a future world encrypting amongst other means to ensure your privacy was protected were deemed illegal. If you have nothing to hide why should you encrypt anything.

These ideas target the exact same area, since those politicans pushing these agendas will realise once that it is not possible to ensure that good encryption can be wiretaped, unless they “control” either the recipient or the sender of the messages. The next step would be to forbid good encryption for all the possible “criminals” and “terrorists”, i.e. every citizen and later every non-US company.

PS.: I agree, if you have nothing to hide you do not need encryption, but the need to hide something depends also on the entity you want to hide stuff from not only your actions. And an entity that does want to take privacy of its citizens away — i.e. it does not trust its own people — is highly dubious and does not deserve my trust in return.

WASHINGTON â€” Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is â€œgoing darkâ€ as people increasingly communicate online instead of by telephone.

Essentially, officials want Congress to require all services that enable communications â€” including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct â€œpeer to peerâ€ messaging like Skype â€” to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages.

As reported, the scope so far is strictly US.

I’m not at all sure how they plan to affect BlackBerry, because BlackBerry is Canadian, is it not?

It does not matter where a company is from, what matters is where it wants to sell their stuff.

E.g. a lot of companies are discouraged to sell stuff to Cuba as they would be punished by the US when trying to sell their stuff in the US as well. And as that market is pretty large the resulting decisions are always the same.

The US could simply force BlackBerry to sell “wiretap”-versions of their products to the US and also to sell “wiretap”-versions to countries the US does not recognise as worthwhile partners. All that only because the US is a large market hardly anyone can ignore.

It does not matter where a company is from, what matters is where it wants to sell their stuff.

E.g. a lot of companies are discouraged to sell stuff to Cuba as they would be punished by the US when trying to sell their stuff in the US as well. And as that market is pretty large the resulting decisions are always the same.

The US could simply force BlackBerry to sell “wiretap”-versions of their products to the US and also to sell “wiretap”-versions to countries the US does not recognise as worthwhile partners. All that only because the US is a large market hardly anyone can ignore.

So you would argue that the US wants to hand the majority of the global market for secure hand-helds over to a Chinese firm:

HTC is doing business in the US as is Nokia as a result they all could be forced to sell certain versions of their products in the US and as well be bullied into doing that in other countries. I have no clue to what extent the later would be succesful.

You miss the point imho. HTC is doing business in the US as is Nokia as a result they all could be forced to sell certain versions of their products in the US and as well be bullied into doing that in other countries. I have no clue to what extent the later would be succesful.

You miss the point imho. HTC and Nokia are both world-leading suppliers of mobile handheld devices. For both of them the US represents only a small fraction of their business.

They would both probably be better off keeping a feature of strong encryption without supplying a backdoor for US government agencies, and perhaps thereby giving up sales in the US, as a trade-off for effectively eliminating competition in the worldwide markets from US-supplied handhelds such as the iPhone.

The European market alone is much bigger than the US market, let alone consideration of the Asian market.

The term “Taiwan” has also become a commonly used alternative name both domestically and internationally to refer to the entire country of Republic of China after the ROC lost international diplomatic recognition as “China” in the 1970s.

So no, referring to the Taiwanese as Chinese is incorrect if you want to actually convey any meaning. The naming is historical, and not useful if you want to be understood by anyone else (unless you’re communicating with someone who is still in the 1970s).

The term “Taiwan” has also become a commonly used alternative name both domestically and internationally to refer to the entire country of Republic of China after the ROC lost international diplomatic recognition as “China” in the 1970s.

So no, referring to the Taiwanese as Chinese is incorrect if you want to actually convey any meaning. The naming is historical, and not useful if you want to be understood by anyone else (unless you’re communicating with someone who is still in the 1970s).

Finland is European.

Mexico and Canada are “North American”. They are actually more “North American” than the US, because one of the states of the US is in the middle of the Pacific Ocean.

Brazil and Chile are also American … South American.

In the same sense, Taiwan is “Chinese”, and Korea is “Asian”. I suppose I could have called Taiwan “Asian” as well, but I chose not to … Chinese is more descriptive (especially of the people) IMO.

Yes, calling Taiwanese “Asian” would be appropriate (although vague), but “Chinese” is not appropriate.

China isn’t a geographical region, in the same way as a continent (Asia, Europe, the Americas), its borders change. Taiwan isn’t somehow a subset of China, they split 60 years ago, their name carries some of this heritage.

The Taiwanese guy I know is quite adamant that Taiwan is NOT China, and has specifically told me on occasion that I should buy HTC phones because they are Taiwanese, not an inferior Japanese phone (Samsung Galaxy S).

On the other hand, I’ve confused the hell out of a Chinese student by referring to some place called “Taiwan”…

Short story, China says Taiwan is part of China; Taiwan says it’s independent, and HTC says it’s based in Taiwan.

The next step would be to forbid good encryption for all the possible “criminals” and “terrorists”, i.e. every citizen and later every non-US company.

However much they might wish it, such a prohibition is beyond the capabilities of the US government.

There is an aspect many people seems to oversee in this matters: of course such prohibitions can be worked around, and “bad” people will, after all they are “criminals”, right?,

The issue here is that this mostly hits honest people who is faced with the “option” to either comply or become a felon (thatÂ´s Criminal with capital C).

While individuals might be confident that they will not get in troouble since they are not important enough, what happens to companies wanting to use -in this case- encryption to secure their data or to build their bussines around it? Not a pretty perspective IMHO.

Beyond that, some have been calling it for years: “Criminal By Default”

The next step would be to forbid good encryption for all the possible “criminals” and “terrorists”, i.e. every citizen and later every non-US company.

However much they might wish it, such a prohibition is beyond the capabilities of the US government.

There is an aspect many people seems to oversee in this matters: of course such prohibitions can be worked around, and “bad” people will, after all they are “criminals”, right?,

The issue here is that this mostly hits honest people who is faced with the “option” to either comply or become a felon (thatÂ´s Criminal with capital C).

The stated reason for proposing this bill is: “arguing that their ability to wiretap criminal and terrorism suspects is â€œgoing darkâ€ as people increasingly communicate online instead of by telephone”

Criminals will still use encryption. Even if US govt dearly wants to mandate a backdoor, I’m fairly certain that the criminals (who are the supposed reason for this whole initiative) won’t feel inclined to co-operate.

Further to that point, said criminals already have the code, without any backdoors included. For example:

For advanced security needs, Psi can also encrypt messages end-to-end with OpenPGP.

I’m pretty sure that criminals wouldn’t consider the Internet (with government-mandated backdoors added) to be a trusted network. So they would simply “encrypt messages end-to-end with OpenPGP”, and thereby frustrate any backdoor.

As we both say, it is not really about fighting terrorists or criminals, thatÂ´s just the excuse.

My answer would be:

– Leveraging control

– Criminalizing custom security

– Criminalizing privacy

If the US is a freedom-supporting democracy, why is its bureaucracy so keen on making up pointless laws to criminalise privacy for its citizens, and on inventing ludicrously transparent excuses for doing so?

Surely even the seemingly-gullible US residents can see through this malarkey?

After a long protracted battle, the security community prevailed after mustering detailed technical studies and research that concluded that national security was actually strengthened by wide use of encryption to secure computers and sensitive business and government communications.

Cryptographers have long argued that backdoors aren’t a featureâ€”they are just a security hole that will inevitably be abused by hackers or adversarial governments.

The proposal also contradicts a congressionally-ordered 1996 National Research Council report that found that requiring backdoors was not a sensible policy for the government.

cases of encryption tripping up law enforcement are extremely rare, according the government’s own records.

“In this case they are trying to roll back something that already happened and that people are relying on,” Blaze said.

I’m with ars technica … I think that either the US government is horribly and utterly confused by tech (unlikely), or it is simply just plain straight-out lying to its own people.

Encryption algorithms are indeed very, very good. You’d have to be a sucker to try and attack their mathematical underpinnings. If you really want to know what someone is doing, you have to put a program between their keyboard and the encryption. Which, is actually pretty easy. If that fails, there is always rubber hose decryption methods that are usually pretty effective.

These ideas target the exact same area, since those politicans pushing these agendas will realise once that it is not possible to ensure that good encryption can be wiretaped, unless they “control” either the recipient or the sender of the messages. The next step would be to forbid good encryption for all the possible “criminals” and “terrorists”, i.e. every citizen and later every non-US company.

Back in 1998 when the SHA-1 algorithm has been declassified, I implemented it in C++ and Borland C++ inline assembler. I had to read some documentation beforehand and IIRC, exporting strong cryptography was illegal in the US. Don’t know whether I’m right or whether that still holds, my memories are quite blurred now. Hasn’t a certain version (6? 7?) of IE

offered different bit lengths depending on whether it was the US version or the European one?

Let’s not forget that more recently, and I’m positive about this, a Middle East country, along with India, expressed concerns about the NSA-approved-for-presidential-use encryption used on Blackberry smartphones IM or chat service. I didn’t follow the story more than that, as I just caught it one or two times on CNN iDesk, but either the phone brand is banned or the incriminated service(s) those authorities were angry at were banned.

Different parties, different perceived ideals, but all the same crooks. There are very few republicans or democrats in US politics that actually adhere to the ideals they claim to. There are a few good ones, but not many. People need to open their eyes vote these guys out of office while they still can. The indifference of the people caused these problems in the first place, now people are losing their rights and wonder why.

For starters, are we really surprised? There are already regulation for allowing phones to be wiretappaed and this is just a logical extension of that. It does show a lack of technical understanding that they want to require the ability to “unscramble” encrypted content. This is not in any way practically possible and I’m pretty sure the phone companies aren’t required to be able to do that. The “unscrambling” is up to the law enforcement agencies, afaik.

Not that I think that the terrorist that we actually have to worry about is using Facebook or Skype rather than their own secured systems (or systems in more free countries) but hey, what do I know?

However, “wiretapping” the Internet is not as simple as these folk may think it is. Skype, for example, is not an American company and they do not have to comply with American regulations. I guess it could be made illegal for American citizens to download and use Skype though. Then again, illegality isn’t really a bother for terrorists, is it.

Even if we presume that they manage to get this kind of regulation in place for, say, Facebook the workaround is simple (although perhaps not practical): use a service that isn’t based in the U.S.

There’s of course also that little niggle that far from all Internet traffic passes thru the U.S and that U.S law does not really apply to most of “the Internet” at all.

I bet that if you were responsible for people safety and security you would sing a different tune.

Not at all. An encryption backdoor is quite similar to a handgun … it might look like a security feature, but a handgun can point in any direction … it can be pointed at the innocent citizen just as easily as it can be pointed at the criminal.

This is the problem with politicians: There aren’t very many who, when confronted with power, won’t try to get more for themselves. There are other Benjamin Franklins, but they’ve been steamrolled, ignored, or undone.